ghsa-fpx7-665w-c5c9
Vulnerability from github
Published
2025-08-28 15:30
Modified
2025-08-28 15:30
Details

In the Linux kernel, the following vulnerability has been resolved:

tls: separate no-async decryption request handling from async

If we're not doing async, the handling is much simpler. There's no reference counting, we just need to wait for the completion to wake us up and return its result.

We should preferably also use a separate crypto_wait. I'm not seeing a UAF as I did in the past, I think aec7961916f3 ("tls: fix race between async notify and socket close") took care of it.

This will make the next fix easier.

Show details on source website

To clipboard 

{
  "affected": [],
  "aliases": [
    "CVE-2024-58240"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-08-28T10:15:31Z",
    "severity": null
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\ntls: separate no-async decryption request handling from async\n\nIf we\u0027re not doing async, the handling is much simpler. There\u0027s no\nreference counting, we just need to wait for the completion to wake us\nup and return its result.\n\nWe should preferably also use a separate crypto_wait. I\u0027m not seeing a\nUAF as I did in the past, I think aec7961916f3 (\"tls: fix race between\nasync notify and socket close\") took care of it.\n\nThis will make the next fix easier.",
  "id": "GHSA-fpx7-665w-c5c9",
  "modified": "2025-08-28T15:30:39Z",
  "published": "2025-08-28T15:30:39Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-58240"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/41532b785e9d79636b3815a64ddf6a096647d011"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/48905146d11dbf1ddbb2967319016a83976953f5"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/999115298017a675d8ddf61414fc7a85c89f1186"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/dec5b6e7b211e405d3bcb504562ab21aa7e5a64d"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.